Trac configuration is done by editing the trac.ini config file, located in <projectenv>/conf/trac.ini.

Global Configuration

Since version 0.9, Trac can also read the configuration from a global trac.ini file. These global options will then be merged with the environment-specific options, where local options override global options.

The global configuration is by default localted in $prefix/share/trac/conf/trac.ini. It can be moved to a different location (for example, /etc/trac.ini), but that requires changing the file trac/siteconfig.py which gets created when Trac is installed.

Reference

This is a brief reference of available configuration options.

[account-manager]

account_changes_notify_addresses

List of email addresses that get notified of user changes, ie,
new user, password change and delete user.

allow_delete_account

Allow users to delete their own account.

cookie_refresh_pct

Persistent sessions randomly get a new session cookie ID with
likelihood in percent per work hour given here (zero equals to never)
to decrease vulnerability of long-lasting sessions.

db_htdigest_realm

Realm to select relevant htdigest db entries

email_regexp

A validation regular expression describing new account emails.

environ_auth_overwrite

Whether environment variable REMOTE_USER should get overwritten after processing login
form input. Otherwise it will only be set, if unset at the time of authentication.

force_passwd_change

Force the user to change password when it's reset.

generated_password_length

Length of the randomly-generated passwords created when resetting
the password for an account.

htdigest_file

Path relative to Trac environment or full host machine
path to password file

htdigest_realm

Realm to select relevant htdigest file entries

login_opt_list

Set to True, to switch login page style showing alternative actions
in a single listing together.

Allow the user to be remembered across sessions without
needing to re-authenticate. This is, user checks a
"Remember Me" checkbox and, next time he visits the site,
he'll be remembered.

refresh_passwd

Re-set passwords on successful authentication.
This is most useful to move users to a new password store or
enforce new store configuration (i.e. changed hash type),
but should be disabled/unset otherwise.

register_basic_token

A question for verification.

register_basic_token_reply

Required reply to verification question.

register_check

Ordered list of IAccountRegistrationInspector's to use for
registration checks.

reset_password

Set to False, if there is no email system setup.

username_char_blacklist

Always exclude some special characters from usernames.
This is enforced upon new user registration.

username_regexp

A validation regular expression describing new usernames.

verify_email

Verify the email address of Trac users.

[attachment]

max_size

Maximum allowed file size (in bytes) for ticket and wiki
attachments.

render_unsafe_content

Whether attachments should be rendered in the browser, or
only made downloadable.
Pretty much any file may be interpreted as HTML by the browser,
which allows a malicious user to attach a file containing cross-site
scripting attacks.
For public sites where anonymous users can create attachments it is
recommended to leave this option disabled (which is the default).

[browser]

color_scale

Enable colorization of the age column.
This uses the same color scale as the source code annotation:
blue is older, red is newer.
(since 0.11)

downloadable_paths

List of repository paths that can be downloaded.
Leave the option empty if you want to disable all downloads, otherwise
set it to a comma-separated list of authorized paths (those paths are
glob patterns, i.e. "*" can be used as a wild card)
(since 0.10)

hide_properties

Comma-separated list of version control properties to hide from
the repository browser.
(since 0.9)

intermediate_color

(r,g,b) color triple to use for the color corresponding
to the intermediate color, if two linear interpolations are used
for the color scale (see intermediate_point).
If not set, the intermediate color between oldest_color and
newest_color will be used.
(since 0.11)

intermediate_point

If set to a value between 0 and 1 (exclusive), this will be the
point chosen to set the intermediate_color for interpolating
the color value.
(since 0.11)

newest_color

(r,g,b) color triple to use for the color corresponding
to the newest color, for the color scale used in blame or
the browser age column if color_scale is enabled.
(since 0.11)

oldest_color

(r,g,b) color triple to use for the color corresponding
to the oldest color, for the color scale used in blame or
the browser age column if color_scale is enabled.
(since 0.11)

oneliner_properties

Comma-separated list of version control properties to render
as oneliner wiki content in the repository browser.
(since 0.11)

render_unsafe_content

Whether raw files should be rendered in the browser, or only made
downloadable.
Pretty much any file may be interpreted as HTML by the browser,
which allows a malicious user to create a file containing cross-site
scripting attacks.
For open repositories where anyone can check-in a file, it is
recommended to leave this option disabled (which is the default).

wiki_properties

Comma-separated list of version control properties to render
as wiki content in the repository browser.
(since 0.11)

[changeset]

max_diff_bytes

Maximum total size in bytes of the modified files (their old size
plus their new size) for which the changeset view will attempt to show
the diffs inlined (since 0.10).

max_diff_files

Maximum number of modified files for which the changeset view will
attempt to show the diffs inlined (since 0.10).

wiki_format_messages

Whether wiki formatting should be applied to changeset messages.
If this option is disabled, changeset messages will be rendered as
pre-formatted text.

[header_logo]

alt

Alternative text for the header logo.

height

Height of the header logo image in pixels.

link

URL to link to, from the header logo.

src

URL of the image to use as header logo.
It can be absolute, server relative or relative.
If relative, it is relative to one of the /chrome locations:
site/your-logo.png if your-logo.png is located in the htdocs
folder within your TracEnvironment;
common/your-logo.png if your-logo.png is located in the
folder mapped to the htdocs_location URL.
Only specifying your-logo.png is equivalent to the latter.

width

Width of the header logo image in pixels.

[inherit]

plugins_dir

Path to the shared plugins directory.
Plugins in that directory are loaded in addition to those in the
directory of the environment plugins, with this one taking
precedence.
(since 0.11)

templates_dir

Path to the shared templates directory.
Templates in that directory are loaded in addition to those in the
environments templates directory, but the latter take precedence.
(since 0.11)

[logging]

log_file

If log_type is file, this should be a path to the log-file.
Relative paths are resolved relative to the log directory of the
environment.

log_format

Custom logging format.
If nothing is set, the following will be used:
Trac[$(module)s] $(levelname)s: $(message)s
In addition to regular key names supported by the Python logger library
(see http://docs.python.org/library/logging.html), one could use:
- $(path)s the path for the current environment
- $(basename)s the last path component of the current environment
- $(project)s the project name
Note the usage of $(...)s instead of %(...)s as the latter form
would be interpreted by the ConfigParser? itself.
Example:
($(thread)d) Trac[$(basename)s:$(module)s] $(levelname)s: $(message)s(since 0.10.5)

log_level

Level of verbosity in log.
Should be one of (CRITICAL, ERROR, WARN, INFO, DEBUG).

log_type

Logging facility to use.
Should be one of (none, file, stderr, syslog, winlog).

[milestone]

stats_provider

Name of the component implementing ITicketGroupStatsProvider,
which is used to collect statistics on groups of tickets for display
in the milestone views.

[mimeviewer]

max_preview_size

Maximum file size for HTML preview. (since 0.9)

mime_map

List of additional MIME types and keyword mappings.
Mappings are comma-separated, and for each MIME type,
there's a colon (":") separated list of associated keywords
or file extensions. (since 0.10)

pygments_default_style

The default style to use for Pygments syntax highlighting.

pygments_modes

List of additional MIME types known by Pygments.
For each, a tuple mimetype:mode:quality has to be
specified, where mimetype is the MIME type,
mode is the corresponding Pygments mode to be used
for the conversion and quality is the quality ratio
associated to this conversion. That can also be used
to override the default quality ratio used by the
Pygments render.

tab_width

Displayed tab width in file preview. (since 0.9)

treat_as_binary

Comma-separated list of MIME types that should be treated as
binary data. (since 0.11.5)

[notification]

admit_domains

Comma-separated list of domains that should be considered as
valid for email addresses (such as localdomain).

always_notify_owner

Always send notifications to the ticket owner (since 0.9).

always_notify_reporter

Always send notifications to any address in the reporter
field.

always_notify_updater

Always send notifications to the person who causes the ticket
property change and to any previous updater of that ticket.

ambiguous_char_width

Which width of ambiguous characters (e.g. 'single' or
'double') should be used in the table of notification mail.
If 'single', the same width as characters in US-ASCII. This is
expected by most users. If 'double', twice the width of
US-ASCII characters. This is expected by CJK users. (since
0.12.2)

email_sender

Name of the component implementing IEmailSender.
This component is used by the notification system to send emails.
Trac currently provides SmtpEmailSender for connecting to an SMTP
server, and SendmailEmailSender for running a sendmail-compatible
executable. (since 0.12)

ignore_domains

Comma-separated list of domains that should not be considered
part of email addresses (for usernames with Kerberos domains).

mime_encoding

Specifies the MIME encoding scheme for emails.
Valid options are 'base64' for Base64 encoding, 'qp' for
Quoted-Printable, and 'none' for no encoding, in which case mails will
be sent as 7bit if the content is all ASCII, or 8bit otherwise.
(since 0.10)

sendmail_path

Path to the sendmail executable.
The sendmail program must accept the -i and -f options.
(since 0.12)

Email address(es) to always send notifications to,
addresses can be seen by all recipients (Cc:).

smtp_default_domain

Default host/domain to append to address that do not specify
one.

smtp_enabled

Enable email notification.

smtp_from

Sender address to use in notification emails.

smtp_from_name

Sender name to use in notification emails.

smtp_password

Password for SMTP server. (since 0.9)

smtp_port

SMTP server port to use for email notification.

smtp_replyto

Reply-To address to use in notification emails.

smtp_server

SMTP server hostname to use for email notifications.

smtp_subject_prefix

Text to prepend to subject line of notification emails.
If the setting is not defined, then the [$project_name] prefix.
If no prefix is desired, then specifying an empty option
will disable it. (since 0.10.1).

smtp_user

Username for SMTP server. (since 0.9)

ticket_subject_template

A Genshi text template snippet used to get the notification subject.
By default, the subject template is $prefix #$ticket.id: $summary.
$prefix being the value of the smtp_subject_prefix option.
(since 0.11)

use_public_cc

Recipients can see email addresses of other CC'ed recipients.
If this option is disabled (the default), recipients are put on BCC.
(since 0.10)

use_short_addr

Permit email address without a host/domain (i.e. username only).
The SMTP server should accept those addresses, and either append
a FQDN or use local delivery. (since 0.10)

use_tls

Use SSL/TLS to send notifications over SMTP. (since 0.10)

[project]

admin

E-Mail address of the project's administrator.

admin_trac_url

Base URL of a Trac instance where errors in this Trac should be
reported.
This can be an absolute or relative URL, or '.' to reference this
Trac instance. An empty value will disable the reporting buttons.
(since 0.11.3)

descr

Short description of the project.

footer

Page footer text (right-aligned).

icon

URL of the icon of the project.

name

Name of the project.

url

URL of the main project web site, usually the website in which
the base_url resides. This is used in notification e-mails.

[query]

default_anonymous_query

The default query for anonymous users. The query is either
in query language syntax, or a URL query
string starting with ? as used in query:Trac links.
(since 0.11.2)

default_query

The default query for authenticated users. The query is either
in query language syntax, or a URL query
string starting with ? as used in query:Trac links.
(since 0.11.2)

items_per_page

Number of tickets displayed per page in ticket queries,
by default (since 0.11)

ticketlink_query

The base query to be used when linkifying values of ticket
fields. The query is a URL query
string starting with ? as used in query:Trac links.
(since 0.12)

[report]

items_per_page

Number of tickets displayed per page in ticket reports,
by default (since 0.11)

[revisionlog]

[roadmap]

stats_provider

Name of the component implementing ITicketGroupStatsProvider,
which is used to collect statistics on groups of tickets for display
in the roadmap views.

[search]

default_disabled_filters

Specifies which search filters should be disabled by
default on the search page. This will also restrict the
filters for the quick search function. The filter names
defined by default components are: wiki, ticket,
milestone and changeset. For plugins, look for
their implementation of the ISearchSource interface, in
the get_search_filters() method, the first member of
returned tuple. Once disabled, search filters can still
be manually enabled by the user on the search page.
(since 0.12)

min_query_length

Minimum length of query string allowed when performing a search.

[sqlite]

[svn]

branches

Comma separated list of paths categorized as branches.
If a path ends with '*', then all the directory entries found below
that path will be included.
Example: /trunk, /branches/*, /projectAlpha/trunk, /sandbox/*

tags

Comma separated list of paths categorized as tags.
If a path ends with '*', then all the directory entries found below
that path will be included.
Example: /tags/*, /projectAlpha/tags/A-1.0, /projectAlpha/tags/A-v1.1

[ticket]

default_cc

Default cc: list for newly created tickets.

default_component

Default component for newly created tickets.

default_description

Default description for newly created tickets.

default_keywords

Default keywords for newly created tickets.

default_milestone

Default milestone for newly created tickets.

default_owner

Default owner for newly created tickets.

default_priority

Default priority for newly created tickets.

default_resolution

Default resolution for resolving (closing) tickets
(since 0.11).

default_severity

Default severity for newly created tickets.

default_summary

Default summary (title) for newly created tickets.

default_type

Default type for newly created tickets (since 0.9).

default_version

Default version for newly created tickets.

max_comment_size

Don't accept tickets with a too big comment.
(since 0.11.2)

max_description_size

Don't accept tickets with a too big description.
(since 0.11).

preserve_newlines

Whether Wiki formatter should respect the new lines present
in the Wiki text.
If set to 'default', this is equivalent to 'yes' for new environments
but keeps the old behavior for upgraded environments (i.e. 'no').
(since 0.11).

restrict_owner

Make the owner field of tickets use a drop-down menu.
Be sure to understand the performance implications before activating
this option. See
Assign-to as Drop-Down List.
Please note that e-mail addresses are not obfuscated in the
resulting drop-down menu, so this option should not be used if
e-mail addresses must remain protected.
(since 0.9)

workflow

Ordered list of workflow controllers to use for ticket actions
(since 0.11).

[timeline]

abbreviated_messages

Whether wiki-formatted event messages should be truncated or not.
This only affects the default rendering, and can be overriden by
specific event providers, see their own documentation.
(Since 0.11)

changeset_collapse_events

Whether consecutive changesets from the same author having
exactly the same message should be presented as one event.
That event will link to the range of changesets in the log view.
(since 0.11)

changeset_long_messages

Whether wiki-formatted changeset messages should be multiline or
not.
If this option is not specified or is false and wiki_format_messages
is set to true, changeset messages will be single line only, losing
some formatting (bullet points, etc).

changeset_show_files

Number of files to show (-1 for unlimited, 0 to disable).
This can also be location, for showing the common prefix for the
changed files. (since 0.11).

default_daysback

Default number of days displayed in the Timeline, in days.
(since 0.9.)

max_daysback

Maximum number of days (-1 for unlimited) displayable in the
Timeline. (since 0.11)

newticket_formatter

Which formatter flavor (e.g. 'html' or 'oneliner') should be
used when presenting the description for new tickets.
If 'oneliner', the [timeline] abbreviated_messages option applies.
(since 0.11).

ticket_show_details

Enable the display of all ticket changes in the timeline, not only
open / close operations (since 0.9).

[trac]

auth_cookie_lifetime

Lifetime of the authentication cookie, in seconds.
This value determines how long the browser will cache
authentication information, and therefore, after how much
inactivity a user will have to log in again. The default value
of 0 makes the cookie expire at the end of the browsing
session. (since 0.12)

auth_cookie_path

Path for the authentication cookie. Set this to the common
base path of several Trac instances if you want them to share
the cookie. (since 0.12)

authz_file

The path to the Subversion
authorization (authz) file.
To enable authz permission checking, the AuthzSourcePolicy permission
policy must be added to [trac] permission_policies.

authz_module_name

The module prefix used in the authz_file for the default
repository. If left empty, the global section is used.

auto_preview_timeout

Inactivity timeout in seconds after which the automatic wiki preview
triggers an update. This option can contain floating-point values. The
lower the setting, the more requests will be made to the server. Set
this to 0 to disable automatic preview. The default is 2.0 seconds.
(since 0.12)

auto_reload

Automatically reload template files after modification.

backup_dir

Database backup location

base_url

Reference URL for the Trac deployment.
This is the base URL that will be used when producing documents that
will be used outside of the web browsing context, like for example
when inserting URLs pointing to Trac resources in notification
e-mails.

check_auth_ip

Whether the IP address of the user should be checked for
authentication (since 0.9).

Name of the component that handles requests to the base URL.
Options include TimelineModule, RoadmapModule, BrowserModule,
QueryModule, ReportModule, TicketModule and WikiModule. The
default is WikiModule. (since 0.9)

default_language

The preferred language to use if no user preference has been set.
(since 0.12.1)

default_timezone

The default timezone to use

genshi_cache_size

The maximum number of templates that the template loader will cache
in memory. The default value is 128. You may want to choose a higher
value if your site uses a larger number of templates, and you have
enough memory to spare, or you can reduce it if you are short on
memory.

htdocs_location

Base URL for serving the core static resources below
/chrome/common/.
It can be left empty, and Trac will simply serve those resources
itself.
Advanced users can use this together with
trac-admin ... deploy <deploydir> to allow serving the
static resources for Trac directly from the web server.
Note however that this only applies to the <deploydir>/htdocs/common
directory, the other deployed resources (i.e. those from plugins)
will not be made available this way and additional rewrite
rules will be needed in the web server.

ignore_auth_case

Whether login names should be converted to lower case
(since 0.9).

mainnav

Order of the items to display in the mainnav navigation bar,
listed by IDs. See also TracNavigation.

metanav

Order of the items to display in the metanav navigation bar,
listed by IDs. See also TracNavigation.

mysqldump_path

Location of mysqldump for MySQL database backups

never_obfuscate_mailto

Never obfuscate mailto: links explicitly written in the wiki,
even if show_email_addresses is false or the user has not the
EMAIL_VIEW permission (since 0.11.6).

permission_policies

List of components implementing IPermissionPolicy, in the order in
which they will be applied. These components manage fine-grained access
control to Trac resources.
Defaults to the DefaultPermissionPolicy? (pre-0.11 behavior) and
LegacyAttachmentPolicy? (map ATTACHMENT_* permissions to realm specific
ones)

permission_store

Name of the component implementing IPermissionStore, which is used
for managing user and group permissions.

pg_dump_path

Location of pg_dump for Postgres database backups

repository_dir

Path to the default repository. This can also be a relative path
(since 0.11).
This option is deprecated, and repositories should be defined in the
repositories section, or using the
"Repositories" admin panel. (since 0.12)

repository_sync_per_request

List of repositories that should be synchronized on every page
request.
Leave this option empty if you have set up post-commit hooks calling
trac-admin $ENV changeset added on all your repositories
(recommended). Otherwise, set it to a comma-separated list of
repository names. Note that this will negatively affect performance,
and will prevent changeset listeners from receiving events from the
repositories specified here. The default is to synchronize the default
repository, for backward compatibility. (since 0.12)

repository_type

Default repository connector type. (since 0.10)
This is also used as the default repository type for repositories
defined in TracIni#repositories-section repositories or using the
"Repositories" admin panel. (since 0.12)

request_filters

Ordered list of filters to apply to all requests
(since 0.10).

resizable_textareas

Make <textarea> fields resizable. Requires JavaScript.
(since 0.12)

secure_cookies

Restrict cookies to HTTPS connections.
When true, set the secure flag on all cookies so that they are
only sent to the server on HTTPS connections. Use this if your Trac
instance is only accessible through HTTPS. (since 0.11.2)

Timeout value for database connection, in seconds.
Use '0' to specify no timeout. (Since 0.11)

use_base_url_for_redirect

Optionally use [trac] base_url for redirects.
In some configurations, usually involving running Trac behind a HTTP
proxy, Trac can't automatically reconstruct the URL that is used to
access it. You may need to use this option to force Trac to use the
base_url setting also for redirects. This introduces the obvious
limitation that this environment will only be usable when accessible
from that URL, as redirects are frequently used. (since 0.10.5)

[versioncontrol]

allowed_repository_dir_prefixes

Comma-separated list of allowed prefixes for repository
directories when adding and editing repositories in the repository
admin panel. If the list is empty, all repository directories are
allowed. (since 0.12.1)

[wiki]

Enable/disable the use of unsafe HTML tags such as <script> or
<embed> with the HTML WikiProcessor
(since 0.10.4).
For public sites where anonymous users can edit the wiki it is
recommended to leave this option disabled (which is the default).

safe_schemes

List of URI schemes considered "safe", that will be rendered as
external links even if [wiki] render_unsafe_content is false.
(since 0.11.8)

[components]

(since 0.9)

This section is used to enable or disable components provided by plugins, as well as by Trac itself. The component to enable/disable is specified via the name of the option. Whether its enabled is determined by the option value; setting the value to enabled or on will enable the component, any other value (typically disabled or off) will disable the component.

The option name is either the fully qualified name of the components or the module/package prefix of the component. The former enables/disables a specific component, while the latter enables/disables any component in the specified package/module.

The first option tells Trac to disable the report module. The second option instructs Trac to enable all components in the webadmin package. Note that the trailing wildcard is required for module/package matching.

See the Plugins page on About Trac to get the list of active components (requires CONFIG_VIEWpermissions.)